Focus on what counts
Alerts

PPPhraud

Beware of PPP Scams and Fraud

September 22, 2020
view all archive

The Small Business Administration (SBA) has been quiet on the Paycheck Protection Program (PPP) front, with the last official guidance issued in early August with the release of the FAQs related to loan forgiveness. As many businesses are nearing or will be nearing the end of their 24-week covered period and banks are getting ready to open their portals for forgiveness, it’s imperative to stay alert and vigilant in protecting your company’s assets.

On July 14, 2020, the SBA issued an alert related to scams and fraud occurrences concerning government funding options (see https://www.sba.gov/document/report-sba-programs-scams-fraud-alerts). Most of these alerts related to reiterating the following:

  • The SBA will not initiate contact on any 7a loans or grants
  • The SBA will not require you to pay any fees or upfront costs to be granted a loan
  • E-mails will come from accounts ending in sba.gov
  • The SBA logo has been fraudulently used by individuals and groups claiming to be official representatives of the Federal Government

We have seen additional instances of fraudulent phishing e-mails being sent from those claiming to represent the SBA by threatening federal action on PPP loans utilizing the fear of FAQ #31 to claim that the government knows your business had access to funds and that you are facing criminal prosecution relating to these loans. The demands request that you reach out to the false “sba-attorneys” so that you can begin the process of repayment.

Criminals prey on your fears and vulnerabilities, and phishing attacks have been a way that these individuals get to the heart of your business--your people. Be alert and aware of these schemes and keep yourself educated on the latest tactics. Don’t be a victim of PPP fraud.

As always, and with this in mind, Citrin Cooperman’s Technology, Risk Advisory, and Cybersecurity (TRAC) Practice is always ready to help you analyze these PPP threats and any other cyber threats to your business. If you have any questions, contact David Roath or Michael Camacho from our TRAC Practice.